Security
Headlines
HeadlinesLatestCVEs

Tag

#git

GHSA-6f58-j323-6472: pimcore/admin-ui-classic-bundle Unverified Password Change

### Impact As old password can be set as new password , it is considered as password policy violation. Pimcore is not enforcing strict password policy which allow attacker to set old password as new password Proof of Concept 1. Go to Admin link 2. login and click on -> "User | My Profile". 3. Go to change password now put old password as new password and click save. ### Patches https://github.com/pimcore/admin-ui-classic-bundle/commit/498ac77e54541177be27b0c710e387c47b3836ea.patch ### Workarounds Update to version 1.2.0 or apply this patches manually https://github.com/pimcore/admin-ui-classic-bundle/commit/498ac77e54541177be27b0c710e387c47b3836ea.patch ### References https://huntr.com/bounties/b031199d-192a-46e5-8c02-f7284ad74021/

ghsa
#git
GHSA-wjcc-cq79-p63f: Possible Infinite Loop when PdfWriter(clone_from) is used with a PDF

### Impact An attacker who uses this vulnerability can craft a PDF which leads to an infinite loop. This infinite loop blocks the current process and can utilize a single core of the CPU by 100%. It does not affect memory usage. That is, for example, the case when the pypdf-user manipulates an incoming malicious PDF e.g. by merging it with another PDF or by adding annotations. ### Patches The issue was fixed with #2264 ### Workarounds If you cannot update your version of pypdf, you should modify `pypdf/generic/_data_structures.py` just like #2264 did.

GHSA-q78c-gwqw-jcmc: Kubernetes privilege escalation vulnerability

A security issue was discovered in Kubernetes where a user that can create pods on Windows nodes may be able to escalate to admin privileges on those nodes. Kubernetes clusters are only affected if they include Windows nodes.

GHSA-mr45-rx8q-wcm9: xkeys seal encryption used fixed key for all encryption

## Background NATS.io is a high performance open source pub-sub distributed communication technology, built for the cloud, on-premise, IoT, and edge computing. The cryptographic key handling library, nkeys, recently gained support for encryption, not just for signing/authentication. This is used in nats-server 2.10 (Sep 2023) and newer for authentication callouts. ## Problem Description The nkeys library's "xkeys" encryption handling logic mistakenly passed an array by value into an internal function, where the function mutated that buffer to populate the encryption key to use. As a result, all encryption was actually to an all-zeros key. This affects encryption only, not signing. FIXME: FILL IN IMPACT ON NATS-SERVER AUTH CALLOUT SECURITY. ## Affected versions nkeys Go library: * 0.4.0 up to and including 0.4.5 * Fixed with nats-io/nkeys: 0.4.6 NATS Server: * 2.10.0 up to and including 2.10.3 * Fixed with nats-io/nats-server: 2.10.4 ## Solution Upgrade the nats-server...

CVE-2023-39610: publications/1.TP-Link Tapo C100 - HTTP Denial-Of-Service at main · zn9988/publications

An issue in TP-Link Tapo C100 v1.1.15 Build 211130 Rel.15378n(4555) and before allows attackers to cause a Denial of Service (DoS) via supplying a crafted web request.

CVE-2023-3676: [Security Advisory] CVE-2023-3676: Insufficient input sanitization on Windows nodes leads to privilege escalation

A security issue was discovered in Kubernetes where a user that can create pods on Windows nodes may be able to escalate to admin privileges on those nodes. Kubernetes clusters are only affected if they include Windows nodes.

GHSA-mp92-3jfm-3575: Synapse vulnerable to leak of remote user device information

### Impact Cached device information of remote users can be queried from Synapse. This can be used to enumerate the remote users known to a homeserver. ### Patches System administrators are encouraged to upgrade to Synapse 1.95.1 as soon as possible. ### Workarounds The `federation_domain_whitelist` can be used to limit federation traffic with a homeserver.

CVE-2023-37832: Vulns/Lack of resources and rate limiting - Elenos.md at main · strik3r0x1/Vulns

A lack of rate limiting in Elenos ETG150 FM transmitter v3.12 allows attackers to obtain user credentials via brute force and cause other unspecified impacts.

CVE-2023-45955: IoT-Fuzz/Nanoleaf Lightstrip Vulnerability Report.pdf at main · IoT-Fuzz/IoT-Fuzz

An issue discovered in Nanoleaf Light strip v3.5.10 allows attackers to cause a denial of service via crafted write binding attribute commands.

CVE-2023-37831: Vulns/User enumeration - Elenos.md at main · strik3r0x1/Vulns

An issue discovered in Elenos ETG150 FM transmitter v3.12 allows attackers to enumerate user accounts based on server responses when credentials are submitted.